Digital transformation (DX) is about engaging with new innovation and technology to accelerate growth. Unfortunately, adopting new technologies introduces more gaps for threat actors to exploit.
"By 2021, inadequate risk management planning for digital transformation will result in significant disruptions for one in three organizations."*
*Gartner Ensure Digital Business Resilience Through Better Risk Management Planning, Earl Perkins, 15 May 2018
IDC forecasts DX spending will grow at close to an 18% compound annual growth rate from 2016-2021, hitting $2.1 trillion in 2021.**
** Press Release: IDC Forecasts Worldwide Spending on Digital Transformation Will Be Nearly $2 Trillion in 2022 (11/13/18).
In a recent survey of IT decision makers: 58% of respondents said getting buy-in and budget is hard because of the lack of understanding amongst the board.
"By 2020, 100% of large enterprises will be asked to report to their boards of directors on cybersecurity and technology risk at least annually, which is an increase from today’s 40%."*
*Gartner Prepare for and Respond to a Business Disruption After an Aggressive Cyberattack, Roberta Witty, et al, 12 April 2019
According to a recent survey, only 25% of respondents described their risk management processes as "mature" or "robust."
Within this sample, larger organizations, public companies, and financial services companies were at the higher end of the maturity spectrum, but only 40-50% of these groups characterized their risk management process as "mature" or "robust."
*Source: American Institute of Certified Public Accountants (AICPA) "2017 Report on the Current State of Enterprise Risk Oversight" (published March 2017).
Only 25% of enterprises describe their risk management process as "mature."
We believe the cyber compliance landscape could become more challenging as regulations such as GDPR serve as a precursor to the implementation of more rigorous standards. According to a recent study, 66% of respondents believe the U.S. and other countries will adopt privacy and data security regulations that will resemble GDPR.*
*Ponemon Global Cyber Megatrends report (February 2018).
The GDPR regulation from the EU took effect May 25, 2018. Fines for offenses are designed to be quite punitive, reaching as high as €20 million or 4% of global turnover, whichever is greater.
"Before YE21, more than a billion euros in sanctions for GDPR noncompliance will have been issued."*
*Gartner Predicts 2019: The Ambiguous Future of Privacy, Bart Willemsen, et al, 14 November 2018
Security is critical to enable digital business success. Digital transformation broadens an organization's attack surface as it pushes IT infrastructure into the cloud, embraces DevOps techniques, and incorporates IoT. Security leaders must become more aware of general business objectives and work to support those objectives. That means articulating to both business leaders and boards of directors how their security roadmap aligns to corporate priorities and demonstrating ROI for security investment.
Are IT security objectives aligned with business objectives?*
* Ponemon The Evolving Role of CISOs (August 2017).
Asset Management is critical to an effective cybersecurity strategy. You cannot properly secure what you do not know exists. In addition, by continuously tracking and optimizing an IT asset footprint, other functions such as patch management become far more streamlined.
The sheer volume and frequency of changes in the technology environment of most organizations creates a tremendous burden for change management practices. To more effectively compete in the digital economy, companies have a desire to introduce more change into IT production environments at a faster pace.
Formalized change management programs can slow this process, but they must be ingrained in the evolving corporate culture. Good processes are built with verification and validation steps to catch exceptions and mistakes, but an overwhelming pace of change still creates the risk of gaps.
"Gartner believes that more than 99% of exploits are based on vulnerabilities that were already known."*
*Gartner Ten Key Reasons Your IT Product Is Not Secure, Ray Wagner, et al, 4 December 2018
Effective patch management is a strong defense against malware and other types of threats that target software vulnerabilities. While there are varying valid reasons for why it may not be feasible – or a high priority – to implement some patches, it is hard to accept that many high-impact breaches stem from poor patch hygiene. In addition, many exploitable vulnerabilities have already been well characterized.
Configuration management proactively and continuously monitors and hardens the security configurations of an organization’s operating systems, applications and network devices. A formalized configuration management program is important to demonstrate compliance with various regulations including PCI DSS and HIPAA.
Get back to the basics – make investments in IAM, including access control, user lifecycle and access governance – and postpone more advanced techniques until the basics are addressed.
"Through 2021, organizations without formal IAM programs will spend 40% more on IAM capabilities while realizing fewer business objectives than organizations with such programs." **
**Gartner Best Practices for IAM Program Management and Governance, Kevin Kampman, et al, 26 November 2018
Network security is likely one of the largest line items in the security budget. In the world of digital transformation, the old paradigm of the protected perimeter has become less relevant. Network security concepts are being forced to morph with the advent of virtual/cloud IT environments and distributed IoT devices. In addition, virtual environments create growing demand for advanced micro-segmentation.
Due to the growing sophistication of attacks, endpoint security has been forced to evolve beyond signature-based blocking. Next-gen antivirus (AV) incorporates new prevention techniques, such as machine learning, that do not rely on signatures.
In addition, new tools for endpoint detection and response are also fighting for precious real estate on the endpoint. Ultimately, agent overload on the endpoint is not ideal from a security operations perspective. As the traditional/incumbent AV vendors and next-gen endpoint vendors alike continue to fill out their capabilities including endpoint detection and response (or combine through M&A), we expect a consolidation in the number of agents installed per endpoint.
Vulnerability management should be more than running a vulnerability scanner once per year and remediating the resulting vulnerabilities. An effective vulnerability management program includes more continuous scanning, prioritized remediation and tracking, root-cause analysis and detailed reporting. Rezilyens has expertise to help you mature your vulnerability management program with numerous third-party technologies, or we can offer a program as a managed service.
Email continues to be one of the most common attack vectors for both phishing and the distribution of malware. In fact, the 2018 Verizon Data Breach Investigations Report determined that 49% of malware is installed via malicious email, and malware is used in 30% of successful breaches. These factors highlight the need for advanced email security controls. While native email security controls in Microsoft O365 are improving, Rezilyens continues to see its clients make significant investments in email security solutions from third parties to reinforce the O365 capabilities.
83% of organizations experienced a phishing attack in 2018, up from 76% in 2017, and each organization saw a higher average number of spear phishing attacks in 2018 compared to 2017.*
*Proofpoint State of the Phish Report 2019
Secure web gateways represent a fairly mature market, but they provide value for advanced URL filtering and advanced threat defense. Secure web gateway technology may increasingly blend with adjacent technologies such as firewalls, DNS resolution services, and CASB.
Enterprises following the traditional threat-centric "outside-in" approach to cybersecurity begin by identifying specific threats and then reacting with technology investment.
Rather than starting with threats, a programmatic "inside-out" approach to threat management focuses on understanding your business objectives to ensure foundational security strategies, such as privileged access management (PAM), are in effect.
Our offensive security practices, including penetration testing and breach response war games, are regularly able to bypass threat-centric security controls due to the high number of enterprises lacking foundational configuration and patch management processes.
Exploiting software vulnerabilities is typically the #1 or #2 most common tactic used by hackers to breach organizations. This certainly makes sense with respect to web-facing applications. However, digital transformation is driving increased integration between applications from many different sources through the use of APIs which also opens up new attack vectors.
"By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications."*
* Gartner, How to Build an Effective API Security Strategy, Mark O'Neill et al., 8 December 2017
Among the multitude of security assessments Rezilyens conducts for clients annually, Data Protection stands out as one of the lowest maturity disciplines in most organizations. Penalties for poor data protection practices are set to escalate with the advent of new regulations such as GDPR. Rezilyens expects continued strong corporate investment in data security infrastructure including DLP, encryption, and data access governance.
"By 2025, more than 65% of organizations will invest in enterprise data loss prevention suites, up from approximately 35% in 2017."*
*Gartner Forecast Overview: Information Security, Worldwide, 2018 Update, Justin Taylor, et al, 5 October 2018
Forming a Security Operations Center (SOC) is an important step toward advancing the effectiveness of an organization's security operations. The SOC team’s goal is to detect, analyze and respond to security incidents using a combination of technology solutions and a strong set of processes. Rezilyens service enables enterprises to achieve a modern SOC that integrates all of its people, processes and technologies.
"By 2022, 50% of all SOCs will transform into modern SOCs with integrated incident response, threat intelligence and threat hunting capabilities, up from less than 10% in 2015."*
*Gartner Selecting the Right SOC Model for Your Organization, Gorka Sadowski, et al, 18 September 2018
There are only two ways to know if an organization’s people, processes, and technologies are truly effective against an attacker: either get attacked by a good guy or get attacked by a bad guy. Utilizing offensive penetration testing teams (the good guys) to bring the enemy’s perspective to the forefront of an organization’s strategy is a key component of focusing the security strategy and execution on impactful remediations and improvements.
75% of the vulnerabilities exploited by the Rezilyens penetration testing team are not identified by a vulnerability scanner.*
Security information and event management (SIEM) is a foundational tool for effective security operations that can be expensive to resource and complex to operate. To be most effective, it requires continuous rule refinement and output correlation.
Rezilyens is seeing increased demand for SIEM expertise around management/performance monitoring, tuning and 24/7 alert monitoring.
"By 2020, 80% of SIEM solutions will include advanced analytics, often as user and entity behavior analytics (UEBA) features, and elements of security orchestration, automation and response (SOAR)."*
*Gartner Technology Insight for the Modern SIEM, Gorka Sadowski, et al, 24 October 2018
For many organizations, a serious security incident is a matter of "when" and not "if." This reality makes developing an effective response plan a critical objective for any CISO to protect their organization. Only 23% of companies have a cybersecurity incident response plan that is applied across the entire enterprise, and this number has actually declined slightly over the past several years of the survey.*
*Ponemon Cyber Resilient Enterprise (April 2019).
In an uncertain security environment, cyber threat intelligence is one way to gain a footing and understand the lay of the land. The art behind successful security operations lies not only within people, process and technology, but within the ability to make good, judgement-based decisions.
"By 2022, 20% of large enterprises will use commercial threat intelligence (TI) services to inform their security strategies, which is an increase from fewer than 10% today."*
* Gartner Market Guide for Security Threat Intelligence Products and Services, Craig Lawson, et al, 19 February 2019
Many organizations have made significant investments in cybersecurity technologies with a single goal in mind – prevent a breach. And yet, most security experts believe that it’s not a matter of if, but when.
Existing standalone cybersecurity investments are collecting a wealth of information about users, their devices and their activities. Combining this intelligence with traditional identity and access management (IAM) technologies provides a context-based approach to authentication and authorization that reduces risk and improves security. An identity centric approach to enterprise security allows enterprises to optimize their cybersecurity investment while controlling risk as IT infrastructures converge.
Only 46% of DevOps teams have “shifted left” to confront security risks up front in requirements and service design for major IT projects, which means that they are ignoring important risks and taking on unnecessary (and dangerous) security debt.* DevSecOps has emerged as an enterprise application development best practice that embraces the inherent agility benefits of DevOps, but recognizes that the security organization needs to be integrated as an early participant in the DevOps process.
* SANS 2018 Secure DevOps: Fact or Fiction? (October 2018).
59% of companies said they have experienced a data breach caused by one of their vendors or third parties. Less than half of all companies say managing their third-party risk management (TPRM) is effective and a priority within their organization.
*Source: https://www.apnews.com/556444d2cc114ea9a8ceda8f747b329c
According to Netskope, the average enterprise is using nearly 1,200 cloud services and nearly 93% of these are not "enterprise ready."* Many departments within organizations frequently spin up SaaS applications to improve their productivity, but these apps are often not vetted.
* Netskope Cloud Report February 2018.
These unsanctioned apps -- or shadow IT -- can create risk for organizations. To protect against this risk and to improve visibility over shadow IT, significant corporate investment in CASB tools is expected.
"By 2022, 60% of large enterprises will use a CASB to govern some cloud services, up from less than 20% today." **
** Gartner, Magic Quadrant for Cloud Access Security Brokers, Craig Lawson et al., 29 October 2018
Utilizing public cloud services has become the foundation to empower the agility and innovation of the digital business. Unfortunately, input from the security team is not relied upon as frequently as it should be as companies rush to the cloud.
According to a study by Ponemon examining how often the security team is involved in cloud decisions, 35% of respondents said "rarely," and another 8% said "never."
* Ponemon: The 2018 Global Cloud Data Security Study (January 2018)
Due to a realization that preventative security controls are not foolproof, security budgets are shifting to also emphasize detection and response.
Popular new tools to empower this effort incorporate data capture at the endpoint (Endpoint Detection and Response or EDR) and in the network.
"By 2025, 70% of organizations with more than 5,000 seats will have endpoint detection and response (EDR) capabilities, up from 20% today."*
* Gartner Market Guide for Endpoint Detection and Response Solutions, Peter Firstbrook, 26 November 2018
Security organizations are struggling due to a talent shortage, an abundance of tools to manage and alert overload. SOAR (Security Orchestration, Automation, and Response) tools provide relief by aggregating security intelligence and context from disparate systems and applying machine intelligence to streamline (or even automate) the incident detection and response process.
Automation alone can create dramatic efficiencies for security operations; one study by Ponemon calculated labor savings of nearly 80% related to evaluating intelligence, sifting through false positives, and remediating infected devices.*
* Ponemon Reducing Cybersecurity Costs & Risk through Automation Technologies (November 2017)
Threat Hunting is a proactive, ongoing effort to identify and eradicate adversaries that have already pierced security controls and are dwelling in an organization's network. Effective threat hunting leverages threat intelligence, telemetry from a host of tools including endpoint and network detection and response, and the ingenuity of the threat analyst.
According to one survey, 42% of organizations were conducting threat hunting on a continuous basis, with another 36% doing it only on an ad hoc basis as the need arises. On average, respondents saw a 2.5X improvement in the time it takes to detect and address threats as a result of threat hunting activities.*
* Cybersecurity Insiders Threat Hunting Report 2018.
For Rezilyens, the concept of a next-gen security operations center (SOC) describes a necessary evolution and improvement beyond current-gen SOC capabilities, which center around device management and monitoring. A select list of next-gen SOC components includes:
1) Orchestration and automation technologies to free up analyst time so it can be re-allocated to higher value activities such as proactive threat hunting
2) Extensive data retention (including SIEM-tier, Search-tier using ElasticSearch or similar, and Data Lake-tier using Hadoop)
3) Advanced analytics and detection
4) KPIs and discrete metrics to measure accountability and efficacy
We believe Rezilyens can help you architect and implement your SOC evolution roadmap. Rezilyens has been recognized by Gartner as an IT Vendor Risk Management solution provider (Gartner, Critical Capabilities for IT Vendor Risk Management, November 2018).
API security should be an integral part of API implementation—and achieving this requires a specific view of the API architecture. Historically, APIs have been considered as "trusted" B2B communication, meaning controls have not been enforced as strongly as in consumer-facing areas.
Instead, security controls similar to digital banking should be applied to APIs, and a "do not trust" approach should be adopted to provide a stronger and resilient future for APIs. This security layer should address issues of:
1) Access Control
2) Threat Detection
3) Confidentiality
4) Integrity
Within this architecture, the design of APIs must take into account the need to protect against distributed denial of service (DDoS) attacks. Fortunately, this threat is also an opportunity. Since creating systems with open APIs represents "greenfield" development for many organizations, it provides a one-off window of opportunity to do things right from the start, by blocking attacks high up the stack and protecting the intelligence located on lower layers.
To improve security defenses against increasingly sophisticated threat actors, Rezilyens expects that organizations will turn to big data solutions.
The proliferation of security tools leads to the generation of an overwhelming amount of both internal and external threat telemetry which must be captured, stored and normalized for analysis.
Big data may provide the most effective solution for this problem, and then be available for mining by increasingly intelligent automated analysis.
Machine learning (ML) analyzes and synthesizes an avalanche of information that humans alone could not match. It is the practice of using algorithms to parse data, learn from it, and then make a determination or prediction about something in the world.
The use of Internet of Things (IoT) and operational technology (OT) promises innovation for consumer-based applications and enhanced efficiency for corporate applications.
"By 2024, at least 50% of enterprise applications in production will be IoT-enabled."*
* Gartner Predicts 2019: IoT Will Drive Profound Changes to Your Core Business Applications and IT Infrastructure, Benoit Lheureux, et al, 13 December 2018
The proliferation of new network connected smart devices such as IoT and OT will dramatically expand an organization's attack surface. "By 2023, the average CIO will be responsible for more than three times the endpoints they manage in 2018."**
** Gartner Top Strategic IoT Trends and Technologies Through 2023, Nick Jones, 21 September 2018
Blockchain is a method to record transactions that provides high security by design: transactions are verified with advanced cryptography and spread across many computers in a peer-to-peer network (distributed ledger). Blockchain implementations are still nascent, and this immaturity makes it challenging to predict the ultimate impact the technology will have.
In coming years, the technology will likely influence cybersecurity applications related to data and identity integrity and transaction protection. Blockchain has captured the imagination of the market, but production deployments at scale have been minimal so far.
"The Gartner 2019 CIO Survey indicates that 11% of organizations have already deployed blockchain/distributed ledger technology, or plan to deploy it within 12 months."*
*Gartner Top 10 Strategic Technology Trends for 2019: Blockchain, Brian Burke, et al, 13 March 2019
Artificial intelligence (AI) involves machines that can perform tasks that are characteristic of human intelligence. AI is still in its infancy but represents an advancement beyond machine learning. Optimism about the potential positive impact of AI is further reinforced by a recent Ponemon study which pegged AI as the one technology that would grow most in importance for cyber defense within the next three years.*
* Ponemon Global Cyber Megatrends report (February 2018).
"By 2021, fully 50% of legitimate security alerts will have an automated response, untouched by human analysts."*
* IDC FutureScape: Worldwide Security Products and Services 2019 Predictions.
According to Verizon DBIR analysis, the percentage of breaches that involved internal actors rose to 34% in the 2019 report compared to around 25% in the prior several years.
In a study conducted by Ponemon, 64% of insider incidents related to simple negligence with the rest driven by malicious intent (including credential theft).
Unfortunately, nefarious internal actors are more difficult to uncover and contain, leading to an average cost per incident that is more than double that resulting from negligence.
* Ponemon 2018 Cost of Insider Threats (April 2018).
Unfortunately, innocent mistakes and carelessness can still cause significant negative impacts for the breached organization in terms of costs and damage to reputation.
The Ponemon study calculated employee and contractor negligence cost the average organization $3.8 million per year, and the cost grows directly in line with the number of people employed by the organization.
* Ponemon 2018 Cost of Insider Threats (April 2018).
A small minority of breaches are related to Hacktivist activity where the motivation is not related to either financial gain or espionage. According to the Verizon DBIR report from 2017, 73% of breaches were financially motivated and 21% were related to espionage. This would leave up to 6% of breaches that are split between Hacktivists, Grudge, or Fun. Verizon refers to Hacktivists as Ideology motivated.
The percentage of breaches attributed to Nation State actors increased to 23% in the 2019 Verizon DBIR study compared to around 15% in the prior several years. Not surprisingly, the most common target for this group of adversaries is the government infrastructure of other countries. In fact, Nation State actors accounted for 79% of all government breaches involving external actors. Because of either direct (or clandestine) government funding, this group of cyber combatants typically possesses the most sophisticated capabilities.
For the past several years, around 50% of breaches were perpetrated by hackers and other organized criminal groups according to the Verizon DBIR.
However, that number did dip to 39% in the DBIR for 2019 as Nation State actors gained in prevalence.
Effective cybersecurity programs are changing the perception that they impede an organization's digital ambitions. By protecting systems and maximizing uptime and safeguarding customer privacy to minimize customer churn, security leaders are quickly becoming critical partners for digital transformation success. That said, CISOs have their work cut out for them in terms of continuing to educate business executives and the board of directors in order to gain support for important programs. In a proprietary survey conducted by Rezilyens in 2019, it was revealed that 58% of security leaders face challenges in getting budget approval because the board does not fully understand important security issues.
Security programs continue to consolidate under the leadership of the CISO. 65% of companies in 2017 had a CISO, up from 50% in 2016.*
*ISACA’s State of Cyber Security report for 2016 and 2017.
According to one survey, only 36% of respondents say their senior leadership believes cybersecurity is a strategic priority, which, in turn, affects funding for investment in technologies and personnel.
* Ponemon Global Cyber Megatrends report (February 2018).
On average IT security consumes more than 12% of the overall IT budget.**
**Source: CyberEdge Group 2019 Cyberthreat Defense Report
Lack of budget continues to rank among the top inhibitors to building an effective security program. CISOs are increasingly expected to provide detailed TCO/ROI analysis and demonstrate business alignment to win purchase approval.
Lack of skilled personnel is consistently mentioned by organizations as one of the top inhibitors to building effective cybersecurity programs.
The cyber industry is lacking more than 2.9 million people right now (this is up dramatically from estimates from just a year ago when it was projected the shortage would be 1.8 million people by 2022).* 59% of companies say they are at “moderate” or “extreme” risk of cyber-attacks due to this shortage.*
*Source: (ISC)² Cybersecurity Workforce Study
CISOs are overwhelmed by the marketing messages of thousands of security technology vendors, all proclaiming they have the silver bullet to fix their security challenges. Partly as a result, Rezilyens has noticed tech sprawl within organizations. Around 46% of companies now use security technology from 11 or more vendors, with 21% using 21 or more vendors. This is up from 28% of companies that used 11 or more vendors in the prior year.*
*Cisco 2018 Annual Cybersecurity Report.
Security organizations are struggling due to a shortage of talent, an abundance of disparate tools to manage, and alert overload. Around 46% of companies now use security technology from 11 or more vendors -- with 21% using 21 or more vendors. As the complexity and tool count within an organization increase, so too does its risk of breach. Of organizations using 1-5 vendors, 28% said they had been breached; that number rose to 85% for organizations using 21-50 vendors.
* Cisco 2018 Annual Cybersecurity Report.
Rezilyens has unrivaled expertise in integrating security technology and a breadth of security advisory services. We can help you optimize your security program and technology footprint to drive down costs and improve your security posture.